Vulnerabilities > Debian

DATE CVE VULNERABILITY TITLE RISK
2022-08-30 CVE-2022-25857 XML Entity Expansion vulnerability in multiple products
The package org.yaml:snakeyaml from 0 and before 1.31 are vulnerable to Denial of Service (DoS) due missing to nested depth limitation for collections.
network
low complexity
snakeyaml-project debian CWE-776
7.5
7.5
2022-08-30 CVE-2022-39028 NULL Pointer Dereference vulnerability in multiple products
telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8.
network
low complexity
gnu mit debian netkit-telnet-project CWE-476
7.5
7.5
2022-08-30 CVE-2022-38784 Integer Overflow or Wraparound vulnerability in multiple products
Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc).
local
low complexity
freedesktop debian fedoraproject CWE-190
7.8
7.8
2022-08-29 CVE-2022-0367 Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c.
local
low complexity
libmodbus fedoraproject debian CWE-787
7.8
7.8
2022-08-29 CVE-2022-0718 Information Exposure Through Log Files vulnerability in multiple products
A flaw was found in python-oslo-utils.
network
low complexity
openstack redhat debian CWE-532
4.9
4.9
2022-08-29 CVE-2022-1184 A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component.
local
low complexity
linux redhat debian canonical
5.5
5.5
2022-08-29 CVE-2022-1204 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol.
local
low complexity
linux fedoraproject debian CWE-416
5.5
5.5
2022-08-29 CVE-2022-2953 Out-of-bounds Read vulnerability in multiple products
LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file.
local
low complexity
libtiff netapp debian CWE-125
5.5
5.5
2022-08-27 CVE-2022-2787 Improper Preservation of Permissions vulnerability in Debian Linux and Schroot
Schroot before 1.6.13 had too permissive rules on chroot or session names, allowing a denial of service on the schroot service for all users that may start a schroot session.
network
low complexity
debian CWE-281
4.3
4.3
2022-08-26 CVE-2022-0171 Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products
A flaw was found in the Linux kernel.
local
low complexity
linux redhat debian CWE-212
5.5
5.5